CVE-2024-50254 bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()

In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...

CVE-2024-50254 bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()

In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...

CVE-2024-50254

In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

CVE-2024-43911

CVE-2024-43911—Linux kernel wifi/mac80211 NULL pointer dereference fix . The vulnerability occurs in the MLD path during band/tx BA session initialization where link_data/link_conf may not point to vif->bss_conf, risking a NULL chan and a kernel crash. The fix adds explicit checks on ht_suppor...

CVE-2021-47609 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpipd-name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name...

CVE-2021-47609

CVE-2021-47609 : Linux kernel vulnerability in the SCPI genpd driver for arm SCPI firmware. The issue was a missing bound check on scpi_pd->name, which could overflow a 30-byte buffer when copying the device name, potentially leading to memory corruption. The fix allocates the string dynamical...

CVE-2024-36010 igb: Fix string truncation warnings in igb_set_fw_version

In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igbsetfwversion Commit 1978d3ead82c "intel: fix string truncation warnings" fixes '-Wformat-truncation=' warnings in igbmain.c by using kasprintf...

CVE-2024-35940

A vulnerability was found in the Linux kernel's pstore/zone subsystem, specifically in the pszkmsgread function. The issue occurs because kasprintf can return a NULL pointer if memory allocation fails, but there was no check for this in the affected code. Mitigation Mitigation for this issue is...

CVE-2023-52686

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opaleventinit kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

CVE-2023-52690 powerpc/powernv: Add a null pointer check to scom_debug_init_one()

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scomdebuginitone kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to avoid memory leaks...

CVE-2023-52686 powerpc/powernv: Add a null pointer check in opal_event_init()

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opaleventinit kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

CVE-2023-52686 powerpc/powernv: Add a null pointer check in opal_event_init()

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opaleventinit kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

CVE-2023-52675 powerpc/imc-pmu: Add a null pointer check in update_events_in_group()

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in updateeventsingroup kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

CVE-2024-26908

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...

CVE-2024-26908

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-26908

CVE-2024-26908 is a Linux kernel issue where the advisory notes adding null pointer checks in kernel/x86/smp.c (x86/xen path). Connected advisories (RHSA-2024:6992, RHSA-2024:5992/5928 equivalents, ELSA-2024-5928) indicate affected kernel builds in Red Hat, Oracle Linux, and related distributions...

CVE-2023-52607 powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtablecacheadd kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

CVE-2023-52467

A vulnerability was found in the Linux kernel, where A NULL pointer dereference flaw may occur in sysconregister. In this issue, kasprintf returns a pointer to dynamically allocated memory, which can be NULL upon failure...

CVE-2023-52467

In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in ofsysconregister kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...